This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database.
This exploit allows an attacker to perform a denial of service attack on AirDrop 2.0. By sending a specially crafted packet, the attacker can cause the AirDrop service to crash, resulting in a denial of service for legitimate users. This vulnerability affects AirDrop versions 2.0 and below.
This exploit allows an attacker to execute arbitrary code or crash the VirtualVCR software by causing a buffer overflow.
The PoC provided demonstrates the SQL injection vulnerability in the search.asp page. It allows an attacker to manipulate the SQL query and retrieve sensitive information from the database. The vulnerability can be exploited by appending malicious SQL statements to the 'nsearch' parameter.
This vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and obtain private information. It affects the C4G Basic Laboratory Information System (BLIS) version 3.4. The vulnerability occurs in multiple occurrences within the system, specifically in the 'site' parameter of the 'users_select.php' page.
Memu Play 6.0.7 suffers from Privilege Escalation due to insecure file permissions. By default, the Authenticated Users group has modify permission to ESM folders/files, allowing a low privilege account to rename the MemuService.exe file and replace it with a malicious file that can connect back to an attacking computer and gain system level privileges. Restarting the computer triggers the execution of the malicious file.
This module exploits a command injection in the Belkin Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. This module has been tested on a Wemo-enabled Crock-Pot, but other Wemo devices are known to be affected, albeit on a different RPORT (49153).
A public X.509 certificate testcase for CVE-2014-1569 caused a stack buffer overflow in MatrixSSL. The bug is that pubRsaDecryptSignedElementExt() uses a fixed size stack buffer, but then doesn't check if the key size exceeds it.
The seccomp sandbox in older kernels (before 4.8) does not run the seccomp check again after the tracer is notified. This allows ptrace to be used to escape from the seccomp sandbox. This vulnerability affects multiple Android devices with older kernels, making seccomp policies that don't blacklist ptrace ineffective as security boundaries.
The WinRAR version 5.61 is vulnerable to a Denial of Service attack. By adding an archive with a specific file and pressing the test button in the WinRAR program, it will crash.
Services By CQR